WMI is arguably one of many biggest instruments a system administrator can have. You possibly can handle Home windows workstations, work together with Microsoft merchandise, just like the Configuration Supervisor, monitor server’s sources and lots of extra. At present, we’re going to take a look at the alternative ways we will use WMI with PowerShell. Hopefully, on the finish, you’ll not have a favourite, however know what to make use of for every event.
The Methods
There are three instruments for managing WMI I need to share with you.
- The System.Administration namespace.
- The WMI Scripting API.
- The CIM cmdlets.
Wait, what concerning the WMI Cmdlets, like Get-WmiObject? There are two causes we’re not overlaying these at the moment. These instructions are solely out there for Home windows PowerShell, and you’ll come to be taught that the System.Administration namespace may be very comparable. If you’re nonetheless resisting making an attempt PowerShell 7, I couldn’t advocate it sufficient.
The Process
I need to cowl duties we face on a regular basis whereas administering Home windows units. We’ll take a look at:
- Querying.
- Calling a WMI Class methodology.
- Creating, Updating and Deleting a WMI Class Occasion.
- Bonus: Creating, Populating and Deleting a customized WMI Class.
I additionally need to present the professionals and cons of every methodology, and the place one stands out from the others.
The System.Administration Namespace
If I needed to choose a favourite, it will be this one. Bringing an object-oriented “really feel” to WMI, this .NET namespace makes WMI administration intuitive. Plus, in case you are a C# developer, it will really feel like house.
Querying
To carry out a question, we want an occasion of the ManagementObjectSearcher class. There are three constructors value taking a look at:
ManagementObjectSearcher(String)- The only one. Creates a searcher object specifying the question string.
ManagementObjectSearcher(String, String)- Creates the article with the question and the scope.
ManagementObjectSearcher(ManagementScope, ObjectQuery)- The identical because the earlier one, however with situations of the objects as a substitute of strings. This offers you extra choices.
As soon as we have now the searcher, we name the Get methodology to return the ManagementObjects.
$question = "Choose * From Win32_Process The place Identify="powershell.exe""
$searcher = [wmisearcher]($question)
$end result = $searcher.Get()The $end result variable holds an occasion of the ManagementObjectCollection class. This assortment comprises all of the Win32_Process situations within the type of ManagementObjects.
$end result = $searcher.Get()
$end result | Format-Desk -Property ProcessId, Identify, ExecutablePath -AutoSize
```Output
ProcessId Identify ExecutablePath
--------- ---- --------------
4116 powershell.exe C:WindowsSystem32WindowsPowerShellv1.0powershell.exeThat is the way it appears like utilizing the second and third constructors.
$question = "Choose * From Win32_Process The place Identify="powershell.exe""
$scope="rootcimv2"
$searcher = [wmisearcher]::new($scope, $question)
$end result = $searcher.Get()
# Or
$question = [System.Management.ObjectQuery]::new("Choose * From Win32_Process The place Identify="powershell.exe"")
$scope = [System.Management.ManagementScope]::new('rootcimv2')
$scope.Join()
$searcher = [System.Management.ManagementObjectSearcher]::new($scope, $question)
$end result = $searcher.Get()Calling a WMI Methodology
We may both name a way on the ManagementObject resultant from our question operation, like Terminate, or name a way on the WMI Class object. Let’s create a brand new course of utilizing the Create methodology.
$commandLine="powershell.exe -ExecutionPolicy Bypass -Command "Write-Output "'Howdy! From WMI!''; Learn-Host"'
$processClass = [wmiclass]'Win32_Process'
# The parameters are: CommandLine, CurrentDirectory and ProcessStartupInformation.
$processClass.Create($commandLine, $null, $null)If the strategy succeeds, you ought to be offered with a PowerShell console, and the Output Parameters:
__GENUS : 2
__CLASS : __PARAMETERS
__SUPERCLASS :
__DYNASTY : __PARAMETERS
__RELPATH :
__PROPERTY_COUNT : 2
__PROPERTY_COUNT : 2
__DERIVATION : {}
__SERVER :
__NAMESPACE :
__PATH :
ProcessId : 11896
ReturnValue : 0
PSComputerName :Creating, Updating and Deleting a WMI Class Occasion
We’re going to use the ManagementClass.CreateInstance() methodology to create a brand new occasion of the SMS_Collection class and Put to put it aside to the namespace.
$assortment = ([wmiclass]'rootSMSsite_PS1:SMS_Collection').CreateInstance()
$assortment.Identify="AwesomeDeviceCollection"
$assortment.LimitingCollectionID = 'PS1000042'
$assortment.Put()
# The Get() methodology updates the $assortment object with the brand new
# property values populated by the Config Supervisor.
$assortment.Get()Updating and deleting.
$assortment = [wmiclass]"rootSMSsite_PS1:SMS_Collection.CollectionID='PS1000043'"
$assortment.Identify="AwesomeDeviceCollection_NewName"
$assortment.Put()
# Deleting
$assortment.Delete()The WMI Scripting API
The WMI Scripting API is nothing greater than the publicity of the WMI COM interfaces via a Runtime Callable Wrapper. Or WMI COM Object, for brief. This methodology of managing WMI shouldn’t be as straight ahead because the System.Administration namespace, however its implementation offers nice flexibility.
Querying
To start out, we have to instantiate a SWbemLocator object, which would be the interface to the opposite objects, and procure a SWbemServices object, by connecting to the server.
$locator = New-Object -ComObject 'WbemScripting.SWbemLocator'
$providers = $locator.ConnectServer()Then, we use the ExecQuery methodology, from the SWbemServices object to carry out our question. This methodology returns a SWbemObjectSet, which is a set of SWbemObjects. Its properties are beneath the Properties_ property.
$end result = $providers.ExecQuery("Choose * From Win32_Process The place Identify="powershell.exe"")
$object = $end result | Choose-Object -First 1
$worth = $object.Properties_['ProcessId'].WorthCalling a WMI Methodology
First, we have to create an occasion of the __Properties class, which holds the enter parameters for the Create methodology. Then, we use the SWbemServices.ExecMethod() methodology to name Create.
$commandLine="powershell.exe -ExecutionPolicy Bypass -Command "Write-Output "'Howdy! From WMI!''; Learn-Host"'
$parameters = $object.Methods_['Create'].InParameters.SpawnInstance_()
$parameters.Properties_['CommandLine'].Worth = $commandLine
$output = $providers.ExecMethod('Win32_Process', 'Create', $parameters)The $output variable comprises a SWbemObject, which is an occasion of the Output Parameters property class.
$providers.ExecMethod('Win32_Process', 'Create', $parameters)Worth : 16172
Identify : ProcessId
IsLocal : True
Origin : __PARAMETERS
CIMType : 19
Qualifiers_ : System.__ComObject
IsArray : False
Worth : 0
Identify : ReturnValue
IsLocal : True
Origin : __PARAMETERS
CIMType : 19
Qualifiers_ : System.__ComObject
IsArray : FalseCreating, Updating and Deleting a WMI Class Occasion
Let’s replicate our final instance utilizing the Scripting API.
$assortment = $providers.Get('.rootSMSsite_PS1:SMS_Collection').SpawnInstance_()
$assortment.Properties_['Name'].Worth="AwesomeDeviceCollection"
$assortment.Properties_['LimitingCollectionID'].Worth="PS1000042"
$assortment.Put_()Updating and deleting.
$assortment = $providers.Get(".rootSMSsite_PS1:SMS_Collection.CollectionID='PS1000043'")
$assortment.Properties_['Name'].Worth="AwesomeDeviceCollection_NewName"
$assortment.Put_()
# Deleting
$assortment.Delete_()The CIM Cmdlets
Once you simply need to carry out a WMI question to investigate knowledge, and never essentially work together with it, you can’t beat the CIM Cmdlets. They’re extraordinarily quick, and supply distinctive instruments like auto-complete for sophistication and namespace names and straightforward class retrival with Get-CimClass.
Querying
Performing queries with the CIM Cmdlets may be very nice. One line does all of it.
$end result = Get-CimInstance -Question "Choose * From Win32_Process The place Identify="powershell.exe""The parameters are similar to the Get-WmiObject ones, and can be utilized as follows.
$end result = Get-CimInstance -ClassName 'Win32_Process' -Filter "Identify="powershell.exe""The auto-complete function in Visible Studio Code.
Calling a WMI Methodology
The CIM Cmdlets introduces a novel means of calling WMI Strategies. The outcomes of a CIM question are known as CimInstances, and you can’t name occasion strategies such as you would with the opposite two choices. As an alternative, you name one other Cmdlet known as Invoke-CimMethod.
$commandLine="powershell.exe -ExecutionPolicy Bypass -Command "Write-Output "'Howdy! From WMI!''; Learn-Host"'
$end result = Get-CimClass -ClassName 'Win32_Process'
$params = @{
MethodName="Create"
Arguments = @{
CommandLine = $commandLine
}
}
$output = $end result | Invoke-CimMethod @params
# Or
$params = @{
ClassName="Win32_Process"
MethodName="Create"
Arguments = @{
CommandLine = $commandLine
}
}
$output = Invoke-CimMethod @paramsAnd the end result:
Invoke-CimMethod -ClassName 'Win32_Process' -MethodName 'Create' -Arguments @{ CommandLine = $commandLine }ProcessId ReturnValue PSComputerName
--------- ----------- --------------
14932 0Have a tough time remembering parameters? Me too! Fortunately auto-complete additionally works with them.
Creating, Updating and Deleting a WMI Class Occasion
Should you used the outdated WMI Cmdlets earlier than, it will look acquainted.
$params = @{
Namespace="rootSMSsite_PS1"
ClassName="SMS_Collection"
Property = @{
Identify="AwesomeDeviceCollection"
LimitingCollectionID = 'PS1000042'
}
}
$assortment = New-CimInstance @paramsUpdating and deleting.
$params = @{
Namespace="rootSMSsite_PS1"
Question = "Choose * From SMS_Collection The place Identify="AwesomeDeviceCollection""
Property = @{
Identify="AwesomeDeviceCollection_NewName"
}
}
Set-CimInstance @params
#Or
$params = @{
Namespace="rootSMSsite_PS1"
Question = "Choose * From SMS_Collection The place Identify="AwesomeDeviceCollection""
}
$assortment = Get-CimInstance @params
$assortment | Set-CimInstance -Property @{
Identify="AwesomeDeviceCollection_NewName"
}
#Deleting
$params = @{
Namespace="rootSMSsite_PS1"
Question = "Choose * From SMS_Collection The place Identify="AwesomeDeviceCollection""
}
$assortment = Get-CimInstance @params
$assortment | Take away-CimInstanceExecs and Cons
-
The System.Administration namespace is nice for buying situations of objects or lessons. The aliases like
[wmi]or[wmiclass]makes it simple to work with them, if you realize their path. Calling strategies can also be very intuitive. Within the different hand, querying and doing extra complicated operations will be time-consuming, and may contain extra objects to maintain observe of. -
Utilizing the WMI Scripting API is nice when it’s important to construct entire scripts to handle WMI. Upon getting the SWbemServices object you possibly can work with just about the rest. It is usually rewarding performance-wise, in comparison with the earlier methodology, since you’re working with the RCW interfaces instantly. The System.Administration namespace will wrap these interfaces to offer abstraction. However this comes at a value. If you wish to retrieve single objects or carry out queries to investigate knowledge, this methodology could be a little annoying to work with.
-
The CIM cmdlets are primary on efficiency when querying multiple-object datasets. The CimInstance object is nice to work with, specifically when combining with different identified objects, just like the PSCustomObject. However, calling strategies shouldn’t be as straight ahead as on the earlier strategies. And to entry strategies like Put, Get or Delete will be difficult.
Bonus
Let’s create our personal Namespace beneath root, and implement a customized class! We’ll use the System.Administration namespace, however now you need to use what you be taught to implement this utilizing the opposite strategies as effectively.
$namespace = ([wmiclass]'root:__Namespace').CreateInstance()
$namespace.Identify="ScriptingBlogCoolNamespace"
$namespace.Put()Path : .root:__NAMESPACE.Identify="ScriptingBlogCoolNamespace"
RelativePath : __NAMESPACE.Identify="ScriptingBlogCoolNamespace"
Server : .
NamespacePath : root
ClassName : __NAMESPACE
IsClass : False
IsInstance : True
IsSingleton : False$class = [wmiclass]::new('rootScriptingBlogCoolNamespace', '', $null)
$class['__Class'] = 'CustomClass'
$class.Qualifiers.Add('Static', $true)
$class.Properties.Add('Supply', 'Customized class with .NET!')
$class.Properties.Add('PropertyKey', 1)
## You want a Key property, in any other case WMI would not be capable of assemble the trail of a brand new occasion.
$class.Properties['PropertyKey'].Qualifiers.Add('Key', $true)
$class.Put()Path : .rootScriptingBlogCoolNamespace:CustomClass
RelativePath : CustomClass
Server : .
NamespacePath : rootScriptingBlogCoolNamespace
ClassName : CustomClass
IsClass : True
IsInstance : False
IsSingleton : False$occasion = ([wmiclass]'rootScriptingBlogCoolNamespace:CustomClass').CreateInstance()
$occasion.Supply="CustomInstance!"
$occasion.Put()Path : .rootScriptingBlogCoolNamespace:CustomClass.PropertyKey=1
RelativePath : CustomClass.PropertyKey=1
Server : .
NamespacePath : rootScriptingBlogCoolNamespace
ClassName : CustomClass
IsClass : False
IsInstance : True
IsSingleton : FalseAnd similar to that, we have now our personal Namespace, Class and Occasion! The outcomes on WmiExplorer.
Conclusion
Should you made it to the top, hopefully now you have got the proper instrument for the proper job, concerning WMI. There isn’t any winner, all of them are good in particular conditions. What all of them have in frequent is that they, collectively, will make you a greater System Administrator.
Thanks for following alongside on this journey, and I see you subsequent time!
Helpful hyperlinks
See what I’m as much as!
